Network Working Group                                          C. Newman
Internet-Draft                                          Sun Microsystems
Expires: September 20, 2004                               March 22, 2004


                   Message Submission BURL Extension
                   draft-newman-lemonade-burl-00.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at http://
   www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on September 20, 2004.

Copyright Notice

   Copyright (C) The Internet Society (2004). All Rights Reserved.

Abstract

   The submission profile of Simple Mail Transfer Protocol (SMTP)
   provides a standard way for an email client to submit a complete
   message for delivery.  This specification extends the submission
   profile by adding a new BURL command which can be used to fetch
   submission data from an Internet Message Access Protocol (IMAP)
   server.  This permits a mail client to inject content from an IMAP
   server into the SMTP infrastructure without downloading it to the
   client and uploading it back to the server.








Newman                 Expires September 20, 2004               [Page 1]


Internet-Draft     Message Submission BURL Extension          March 2004


Table of Contents

   1.  Conventions Used in this Document  . . . . . . . . . . . . . .  3
   2.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  BURL Submission Extension  . . . . . . . . . . . . . . . . . .  3
   3.1 SMTP Submission Extension Registration . . . . . . . . . . . .  3
   3.2 BURL Transaction . . . . . . . . . . . . . . . . . . . . . . .  4
   3.3 The BURL IMAP Option . . . . . . . . . . . . . . . . . . . . .  4
   3.4 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . .  5
   3.5 Formal Syntax  . . . . . . . . . . . . . . . . . . . . . . . .  6
   4.  8-bit and Binary . . . . . . . . . . . . . . . . . . . . . . .  6
   5.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . .  7
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
   7.  Document History . . . . . . . . . . . . . . . . . . . . . . .  7
   7.1 Changes from -01 . . . . . . . . . . . . . . . . . . . . . . .  7
   7.2 Changes from -00 . . . . . . . . . . . . . . . . . . . . . . .  7
       Normative References . . . . . . . . . . . . . . . . . . . . .  8
       Informative References . . . . . . . . . . . . . . . . . . . .  8
       Author's Address . . . . . . . . . . . . . . . . . . . . . . .  9
       Intellectual Property and Copyright Statements . . . . . . . . 10































Newman                 Expires September 20, 2004               [Page 2]


Internet-Draft     Message Submission BURL Extension          March 2004


1. Conventions Used in this Document

   The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
   in this document are to be interpreted as defined in "Key words for
   use in RFCs to Indicate Requirement Levels" [2].

   The formal syntax use the Augmented Backus-Naur Form (ABNF) [4]
   notation including the core rules defined in Appendix A of RFC 2234.

2. Introduction

   This specification defines an extension to the standard Message
   Submission [6] protocol to permit data to be fetched from an IMAP
   server at message submission time.  This MAY be used in conjuction
   with the CHUNKING [10] mechanism so that chunks of the message can
   come from an external IMAP server.  This provides the ability to
   forward an email message without first downloading it to the client.

3. BURL Submission Extension

   This section defines the BURL submission extension.

3.1 SMTP Submission Extension Registration

   1.  The name of this submission extension is "BURL".  This extends
       the Message Submission protocol on port 587 and MUST NOT be
       advertised by a regular SMTP [8] server on port 25.  Compliant
       submission clients MUST attempt to use port 587 prior to falling
       back to port 25, unless explicitly configured to do otherwise by
       the user.

   2.  The EHLO keyword value associated with the extension is "BURL".

   3.  The BURL EHLO keyword will have zero or more arguments.  The only
       argument defined at this time is the "imap" argument, which MUST
       be present in order to use IMAP URLs with BURL.  Clients MUST
       ignore other arguments after the BURL EHLO keyword unless they
       are defined by a subsequent IETF standards track specification.
       The arguments which appear after the BURL EHLO keyword may change
       subsequent to the use of SMTP AUTH [7], so a server which
       advertises BURL with no arguments prior to authentication
       indicates that BURL is supported but authentication is required
       to use it.

   4.  This extension adds the BURL SMTP verb.  This verb is used as a
       replacement for the DATA command and is only permitted during a
       mail transaction after at least one successful recipient.




Newman                 Expires September 20, 2004               [Page 3]


Internet-Draft     Message Submission BURL Extension          March 2004


3.2 BURL Transaction

   When a BURL-aware client connects to a submit server with the BURL
   extension, it will first authenticate (using SMTP AUTH and perhaps
   STARTTLS), and then can submit any number of messages with full
   interoperability with important SMTP extensions such as delivery
   status notifications [17].

   A simple BURL transaction will consist of MAIL FROM, one or more RCPT
   TO headers and a BURL command with the "LAST" tag.  The BURL command
   will include an IMAP URL pointing to a fully formed message ready for
   injection into the SMTP infrastructure.  If PIPELINING [9] is
   advertised, the client MAY send the entire transaction in one round
   trip.  If no valid RCPT TO address is supplied, the BURL command will
   simply fail and no resolution of BURL arguments will be performed.
   If at least one valid RCPT TO address is supplied, then the BURL
   argument will be resolved before the server responds to the command.

   A more sophisticated BURL transaction occurs when the server also
   advertises CHUNKING [10].  In this case, the BURL and BDAT commands
   may be interleaved until one of them terminates the transaction with
   the "LAST" argument.  If PIPELINING [9] is also advertise, then the
   client may pipeline the entire transaction in one round-trip.
   However, it MUST wait for the results of the "LAST" BDAT or BURL
   command prior to initiating a new transaction.

   The BURL command directs the server to fetch the data object to which
   the URL refers and include it in the message.  If the URL fetch
   fails, the server will fail the entire transaction.

3.3 The BURL IMAP Option

   When "imap" is present in the space-separated list of arguments
   following the BURL EHLO keyword, that indicates the BURL command
   supports IMAP URLs [3] with the URLAUTH [13] extended form.

   Subsequent to a successful SMTP AUTH command, the submission server
   MAY indicate a pre-arranged trust relationship with a specific IMAP
   server by including a BURL EHLO keyword argument of the form "imap://
   imap.example.com".  In this case, the submission server will permit a
   regular IMAP URL to mailboxes on imap.example.com which the user who
   authenticated to the submit server can access.









Newman                 Expires September 20, 2004               [Page 4]


Internet-Draft     Message Submission BURL Extension          March 2004


3.4 Examples

   In examples, "C:" and "S:" indicate lines sent by the client and
   server respectively.  If a single "C:" or "S:" label applies to
   multiple lines, then the line breaks between those lines are for
   editorial clarity only and are not part of the actual protocol
   exchange.

   Two successful submissions (without and with pipelining) follow:

   <SSL/TLS encryption layer negotiated>
   C: EHLO potter.example.com
   S: 250-owlry.example.com
   S: 250-8BITMIME
   S: 250-BURL imap
   S: 250-AUTH PLAIN
   S: 250-DSN
   S: 250 ENHANCEDSTATUSCODES
   C: AUTH PLAIN aGFycnkAaGFycnkAYWNjaW8=
   S: 235 2.7.0 PLAIN authentication successful.
   C: MAIL FROM:<harry@gryffindor.example.com>
   S: 250 2.5.0 Address Ok.
   C: RCPT TO:<ron@gryffindor.example.com>
   S: 250 2.1.5 ron@gryffindor.example.com OK.
   C: BURL imap://harry@gryffindor.example.com/outbox
           ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
           :internal:91354a473744909de610943775f92038 LAST
   S: 250 2.5.0 Ok.

   <SSL/TLS encryption layer negotiated>
   C: EHLO potter.example.com
   S: 250-owlry.example.com
   S: 250-8BITMIME
   S: 250-PIPELINING
   S: 250-BURL imap
   S: 250-AUTH PLAIN
   S: 250-DSN
   S: 250 ENHANCEDSTATUSCODES
   C: AUTH PLAIN aGFycnkAaGFycnkAYWNjaW8=
   C: MAIL FROM:<harry@gryffindor.example.com>
   C: RCPT TO:<ron@gryffindor.example.com>
   C: BURL imap://harry@gryffindor.example.com/outbox
           ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
           :internal:91354a473744909de610943775f92038 LAST
   S: 235 2.7.0 PLAIN authentication successful.
   S: 250 2.5.0 Address Ok.
   S: 250 2.1.5 ron@gryffindor.example.com OK.
   S: 250 2.5.0 Ok.



Newman                 Expires September 20, 2004               [Page 5]


Internet-Draft     Message Submission BURL Extension          March 2004


   Some example failure cases:

   C: MAIL FROM:<harry@gryffindor.example.com>
   C: RCPT TO:<malfoy@slitherin.example.com>
   C: BURL imap://harry@gryffindor.example.com/outbox
           ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
           :internal:91354a473744909de610943775f92038 LAST
   S: 250 2.5.0 Address Ok.
   S: 550 5.7.1 Relaying not allowed: malfoy@slitherin.example.com
   S: 554 5.5.0 No recipients have been specified.

   C: MAIL FROM:<harry@gryffindor.example.com>
   C: RCPT TO:<ron@gryffindor.example.com>
   C: BURL imap://harry@gryffindor.example.com/outbox
           ;uidvalidity=1078863300/;uid=25;urlauth=submit+harry
           :internal:71354a473744909de610943775f92038 LAST
   S: 250 2.5.0 Address Ok.
   S: 250 2.1.5 ron@gryffindor.example.com OK.
   S: 554 5.7.0 IMAP URL authorization failed

3.5 Formal Syntax

   The following syntax specification inherits ABNF [4] and Uniform
   Resource Identifiers [5].

      burl-param      = "imap" / ("imap://" authority)
                      ; parameter to BURL EHLO keyword

      burl-cmd        = "BURL" SP absoluteURI [SP end-marker] CRLF

      end-marker      = "LAST"


4. 8-bit and Binary

   The BURL server MUST advertise 8BITMIME [1] and perform the
   downconversion described in that specification on the resulting
   complete message if 8-bit data is received with the BURL command and
   passed to a 7-bit server.  If the URL argument to BURL refers to
   binary data, then the submit server MAY refuse the command or
   downconvert as described in Binary SMTP [10].

   The Submit server MAY refuse to accept a BURL command or combination
   of BURL and BDAT commands which result in unencoded 8-bit data in
   mail or MIME [16] headers.






Newman                 Expires September 20, 2004               [Page 6]


Internet-Draft     Message Submission BURL Extension          March 2004


5. IANA Considerations

   When this is published as an RFC, the "BURL" SMTP extension as
   described in Section 3 will be registered.  This registration will be
   marked as for use by message submission [6] only in the registry.

6. Security Considerations

   A separate specification discussing security details of this proposal
   and counter-proposals is forthcoming.

   Implementations which support the URLAUTH [13] form of IMAP URLs
   SHOULD implement both the SMTP STARTTLS [11] and the IMAP STARTTLS
   [12] extensions and MUST have a configuration setting which requires
   their use with such IMAP URLs.

   When a client uses SMTP STARTTLS to send a BURL command which
   references non-public information, the message submission server MUST
   use STARTTLS or a mechanism providing equivalent data privacy when
   resolving that URL.

7. Document History

7.1 Changes from -01

   o  Removed the conversion argument to BURL to simplify.

   o  Replace the conversion section with the simpler 8-bit and Binary
      section.

   o  Removed the failhow argument to simplify and eliminate
      race-condition which bothered people.

   o  Simplify specification to eliminate "composition" model and just
      focus on BURL command.

   o  Make it clear that BURL can be used without the chunking
      extension.


7.2 Changes from -00

   o  Added the end-marker "LAST", so this could be used without BDAT
      and works with a pre-composed message.

   o  Changed "Message Composition" to "Message Submission with
      Composition" in several places.




Newman                 Expires September 20, 2004               [Page 7]


Internet-Draft     Message Submission BURL Extension          March 2004


   o  Correct Spelling Errors

Normative References

   [1]   Klensin, J., Freed, N., Rose, M., Stefferud, E. and D. Crocker,
         "SMTP Service Extension for 8bit-MIMEtransport", RFC 1652, July
         1994.

   [2]   Bradner, S., "Key words for use in RFCs to Indicate Requirement
         Levels", BCP 14, RFC 2119, March 1997.

   [3]   Newman, C., "IMAP URL Scheme", RFC 2192, September 1997.

   [4]   Crocker, D. and P. Overell, "Augmented BNF for Syntax
         Specifications: ABNF", RFC 2234, November 1997.

   [5]   Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
         Resource Identifiers (URI): Generic Syntax", RFC 2396, August
         1998.

   [6]   Gellens, R. and J. Klensin, "Message Submission", RFC 2476,
         December 1998.

   [7]   Myers, J., "SMTP Service Extension for Authentication", RFC
         2554, March 1999.

   [8]   Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, April
         2001.

   [9]   Freed, N., "SMTP Service Extension for Command Pipelining", STD
         60, RFC 2920, September 2000.

   [10]  Vaudreuil, G., "SMTP Service Extensions for Transmission of
         Large and Binary MIME Messages", RFC 3030, December 2000.

   [11]  Hoffman, P., "SMTP Service Extension for Secure SMTP over
         Transport Layer Security", RFC 3207, February 2002.

   [12]  Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
         4rev1", RFC 3501, March 2003.

   [13]  Crispin, M. and C. Newman, "Internet Message Access Protocol
         (IMAP) - URLAUTH Extension", draft-crispin-imap-urlauth-06
         (work in progress), January 2004.

Informative References

   [14]  Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC 821,



Newman                 Expires September 20, 2004               [Page 8]


Internet-Draft     Message Submission BURL Extension          March 2004


         August 1982.

   [15]  Freed, N., "SMTP Service Extension for Returning Enhanced Error
         Codes", RFC 2034, October 1996.

   [16]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
         Extensions (MIME) Part One: Format of Internet Message Bodies",
         RFC 2045, November 1996.

   [17]  Moore, K., "Simple Mail Transfer Protocol (SMTP) Service
         Extension for Delivery Status Notifications (DSNs)", RFC 3461,
         January 2003.


Author's Address

   Chris Newman
   Sun Microsystems
   1050 Lakes Drive
   West Covina, CA  91790
   US

   EMail: chris.newman@sun.com




























Newman                 Expires September 20, 2004               [Page 9]


Internet-Draft     Message Submission BURL Extension          March 2004


Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights. Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11. Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard. Please address the information to the IETF Executive
   Director.


Full Copyright Statement

   Copyright (C) The Internet Society (2004). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION



Newman                 Expires September 20, 2004              [Page 10]


Internet-Draft     Message Submission BURL Extension          March 2004


   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.











































Newman                 Expires September 20, 2004              [Page 11]